> LEGAL_PROTOCOL_01

Privacy Policy.

Transparent data handling for the Agentic Web.

Last updated: February 4, 2026 | Effective date: February 4, 2026

1. Business Identity

This privacy policy applies to AEOfix, a professional services business providing Answer Engine Optimization (AEO) and Search Engine Optimization (SEO) services.

  • Business Name: AEOfix
  • Owner: William J Bouch
  • Address: 10 Richard St, Asheville, NC 28803, United States
  • Email: AEOfix.com@gmail.com
  • Phone: +1-469-278-5074
  • Website: https://aeofix.com

2. Information We Collect

We collect the following categories of information:

2.1 Information You Provide Directly

  • Contact Information: Name, email address, phone number, and company/website URL submitted through our contact forms.
  • Service Data: URLs, website content, and business information submitted for auditing and optimization services.
  • Payment Information: Payment details processed securely through Square. We do not store your full credit card numbers on our servers.

2.2 Information Collected Automatically

  • Analytics Data: Page views, session duration, and navigation patterns collected via Vercel Web Analytics. This data is anonymized and does not include personal identifiers.
  • Device Information: Browser type, operating system, and screen resolution for improving site experience.
  • AI Crawler Data: User-Agent strings and query patterns from AI engines accessing our public endpoints.

3. How We Use Your Information

We use collected information for the following purposes:

  • To deliver the AEO/SEO services you purchase (audits, reports, implementations).
  • To respond to your inquiries and provide customer support.
  • To process payments and send transaction confirmations.
  • To improve our website, services, and user experience.
  • To send service-related communications (delivery updates, verification reports).

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

4. Cookies and Tracking Technologies

Our website uses the following cookies and tracking technologies:

  • Vercel Web Analytics: Anonymized, privacy-focused analytics to understand site usage. No personal data is collected. No cookies are set by Vercel Analytics.
  • Square (Payment Processing): When you make a purchase, Square may set cookies necessary for secure payment processing and fraud prevention.
  • Essential Cookies: Required for basic site functionality such as form submissions and modal interactions. These are session-based and expire when you close your browser.

We do not use advertising cookies, retargeting pixels, or third-party tracking for marketing purposes.

5. Third-Party Services

We use the following third-party services to operate our business. Each has its own privacy policy governing data handling:

  • Square (squareup.com) — Payment processing. Square handles all payment card data under PCI DSS Level 1 compliance.
  • Web3Forms (web3forms.com) — Contact form submissions. Receives your name, email, and message content.
  • Vercel (vercel.com) — Website hosting and anonymized analytics.
  • OpenAI (openai.com) — AI processing for generating audit reports and analysis. Submitted URLs and content may be processed through OpenAI's API.
  • Anthropic (anthropic.com) — AI processing for generating audit reports and analysis.
  • Google Vertex AI (cloud.google.com) — AI processing for generating audit reports and analysis.

Important: We do not use your submitted data to train any public AI models. Data processed through AI APIs is used solely for generating the specific report or service you requested.

6. AI Agent Interactions

By using our .well-known endpoints or actions.json tools, you consent to programmatic analysis of your submitted URLs. Data processed by our AI agents is transient and used solely for generating the requested report. We do not retain AI-processed data beyond the delivery of your completed report unless you request otherwise.

7. Data Retention

We retain your information for the following periods:

  • Contact Form Submissions: Retained for up to 12 months to facilitate follow-up and customer service.
  • Service/Audit Data: Retained for 90 days after delivery to allow for revisions and verification. Deleted upon request.
  • Payment Records: Retained for 7 years as required by U.S. tax and accounting regulations.
  • Analytics Data: Anonymized and aggregated; no personal data is retained.
  • AI-Processed Data: Transient; deleted after report generation is complete.

You may request deletion of your data at any time by contacting us at AEOfix.com@gmail.com.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

8.1 All Users

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request that we correct inaccurate or incomplete data.
  • Deletion: Request that we delete your personal data.
  • Opt-Out: Unsubscribe from service-related communications at any time.

8.2 California Residents (CCPA)

Under the California Consumer Privacy Act, you have the right to:

  • Know what personal information we collect and how it is used.
  • Request deletion of your personal information.
  • Opt-out of the sale of your personal information (we do not sell personal information).
  • Non-discrimination for exercising your privacy rights.

8.3 EU/EEA Residents (GDPR)

If you are located in the European Union or European Economic Area, you have additional rights including:

  • Right to data portability.
  • Right to restrict processing.
  • Right to object to processing.
  • Right to withdraw consent at any time.

To exercise any of these rights, contact us at AEOfix.com@gmail.com or call +1-469-278-5074. We will respond within 30 days.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • SSL/TLS encryption (HTTPS) for all data transmitted to and from our website.
  • Strict-Transport-Security (HSTS) headers enforced across all pages.
  • Content-Security-Policy (CSP) headers to prevent cross-site scripting attacks.
  • PCI DSS-compliant payment processing through Square.
  • Regular security reviews of our infrastructure and code.

While we take reasonable measures to protect your data, no method of electronic transmission or storage is 100% secure. If you believe your data has been compromised, please contact us immediately.

10. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a minor, please contact us and we will promptly delete it.

11. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or applicable laws. When we make changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.

12. Contact Us

If you have questions about this privacy policy or our data practices, contact us:

  • Email: AEOfix.com@gmail.com
  • Phone: +1-469-278-5074
  • Address: 10 Richard St, Asheville, NC 28803, United States
  • Contact Page: aeofix.com/contact